<?php
// Page bootstrap and access gate for the user-management screen.
// checkLogin() is not defined in this file (presumably it comes from
// includes/startPage.php). The argument 3 matches the
// $_SESSION['userLevel'] >= 3 tests used by the create and edit branches below.
// NOTE(review): confirm checkLogin(3) stops the request for lower levels; the
// default branch that lists every user has no level test of its own and relies
// on this call alone.
include('includes/startPage.php'); checkLogin(3); ?>
<?php
// process_profile_change.php runs here on every request, before any output.
// It is also the direct POST target of the create-user form on this page
// (action="process_profile_change.php"), so it can be requested on its own,
// without the checkLogin(3) call above having run.
// NOTE(review): confirm that script enforces login and user level itself.
include('process_profile_change.php');?>
<?php include('includes/header.php'); printHeader("Browse", "Nordic Sauna");?> <!-- (PageTitle, Banner Text) Prints <head>, opens <body> and prints banner -->
<?php include('includes/navigation.php'); printLeftMenu("browse"); ?> <!-- Navigation include, (currentpagename) -->

<?php OpenContentSection(); ?> 
	<!-- Content Starts -->
	<h2>User Management</h2>
        
<?php
        //These forms will only be displayed if you clicked on a user, actual processing will be done in process_profile_change.php

        //==========================================Create new user==========================================

        // Branch 1: show the empty registration form. Taken when the
        // "Create New User" button (the newUser form in the default branch of this
        // page) was posted and the session's userLevel is at least 3.
        // NOTE(review): the form rendered below posts to process_profile_change.php
        // and its onsubmit check (check_user_registration_form) runs only in the
        // browser. The receiving script has to repeat the level check and validate
        // every field server-side; no anti-CSRF token is visible in the form.
        if (isset($_POST['newUser']) && $_POST['newUser'] == "Create New User" && $_SESSION['userLevel'] >= 3)
        {
?>
            <form name="registrationForm" action="process_profile_change.php" method="POST" onsubmit="return check_user_registration_form()">
            <table width="100%" border="0" cellspacing="1" cellpadding="1">
                <tr>
                    <td nowrap="nowrap" valign="top" width="10%">
                        <font size="-1">Username:</font>
                    </td>
                    <td>
                        <input name="Username" id="Username" size="30" value="" type="text">
                    </td>
                </tr>
                <tr>
                    <td nowrap="nowrap" valign="top" width="10%">
                        <font size="-1">Password:</font>
                    </td>
                    <td>
                        <input name="Password" id="Password" size="30" value="" type="Password">
                    </td>
                </tr>
                <tr>
                    <td nowrap="nowrap" valign="top" width="10%">
                        <font size="-1">Confirm Password:</font>
                    </td>
                    <td>
                        <input name="PasswordConfirm" id="PasswordConfirm" size="30" value="" type="Password">
                    </td>
                </tr>
                <tr>
                    <td nowrap="nowrap" valign="top" width="10%">
                        <font size="-10">&nbsp;</font>
                    </td>
                    <td>&nbsp;</td>
                </tr>
                <tr>
                    <td nowrap="nowrap" valign="top" width="10%">
                        <font size="-1">First name:</font>
                    </td>
                    <td>
                        <input name="FirstName" id="FirstName" size="30" value="" type="text">
                    </td>
                </tr>
                <tr>
                    <td nowrap="nowrap" valign="top" width="10%">
                        <font size="-1">Last name:</font>
                    </td>
                    <td>
                        <input name="LastName" id="LastName" size="30" value="" type="text">
                    </td>
                </tr>
                <tr>
                    <td nowrap="nowrap" valign="top" width="10%">
                        <font size="-1">Email Address:</font>
                    </td>
                    <td>
                        <input name="Email" id="Email" size="30" value="" type="text">
                    </td>
                </tr>
                <tr>
                    <td nowrap="nowrap" valign="top" width="10%">
                        <font size="-1">Phone Number:</font>
                    </td>
                    <td>
                        <input name="Phone" id="Phone" size="30" value="" type="text">
                    </td>
                </tr>
            </table>
            
            <table>
                <tr>
                    <td colspan="1">&nbsp;</td>
                    <td style="" align="left" nowrap="nowrap">
                            <input name="submit" id="submit" value="Submit" style="font-weight: bold;" type="submit" />
                            <input name="reset" id="reset" value="Reset" type="reset" onclick="return confirm('Reset all fields?');">
                    </td>
                </tr>
            </table>
        </form>
        
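        <?php
            // Status text shown under the create-user form.
            // $messageString is not assigned in this file (presumably set by
            // process_profile_change.php, which is included at the top - confirm).
            // It is HTML-escaped at the point of output because it may carry values
            // taken from the submitted form, such as a username.
            // NOTE(review): assumes the page is served as UTF-8 - confirm against
            // includes/header.php. If the message is meant to contain markup, build it
            // from constant markup plus escaped values instead of removing this call.
            if (isset($messageString))
            {
                echo "<font size=+4, color=Green>&nbsp;&nbsp;"
                    . htmlspecialchars((string) $messageString, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
                    . "</font>";
            }
        ?>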


<?php
        }
        //==========================================Edit existing user==========================================
        // Branch 2: edit form for the user named in the query string, shown only
        // when the session's userLevel is at least 3.
        else if (isset($_GET['username']) && $_SESSION['userLevel'] >= 3)
        {
            // $_GET['username'] is request-controlled and is handed to the DAO unchanged.
            // NOTE(review): confirm UserByUsername() binds it as a query parameter
            // rather than concatenating it into SQL, and check what it returns for an
            // unknown name - the ->Username() call two lines down fails if the result is
            // not an object. The value can also arrive as an array instead of a string.
            $modifiedUser = ns_dao_user::UserByUsername($_GET['username']);
            $userLevelList = ns_dao_user::GetUserLevelList();
            // Advisory only: editing your own profile is still allowed after this warning.
            if ($modifiedUser->Username() == $_SESSION['username']) echo "<h3>Warning: You are trying to modify your own user profile!</h3>";
?>
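            <?php
                // Profile edit form for $modifiedUser, posted back to manage_users.php.
                // Every profile value is HTML-escaped where it is written into a value="..."
                // attribute: these fields are entered through the registration form, so a
                // quote or angle bracket in a stored name would otherwise break out of the
                // attribute (stored XSS in an administrator's session).
                // NOTE(review): assumes the page is served as UTF-8 and that the DAO returns
                // raw, not already HTML-encoded, values - confirm.
                // NOTE(review): the hidden "username" field is client-controlled and no
                // anti-CSRF token is visible; the handler for "save" (not in this file)
                // should verify a per-session token and re-check the caller's level.
            ?>
            <form name="updateProfile" action="manage_users.php" method="post">
            <input type="hidden" name="username" id="username" value="<?php echo htmlspecialchars((string) $modifiedUser->Username(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>"/>
            <table>
                <tr>
                    <td nowrap="nowrap" valign="top" width="10%">
                        <font size="-1">First name:</font>
                    </td>
                    <td>
                        <input name="FirstName" id="FirstName" size="30" value="<?php echo htmlspecialchars((string) $modifiedUser->FirstName(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" type="text">
                    </td>
                </tr>
                <tr>
                    <td nowrap="nowrap" valign="top" width="10%">
                        <font size="-1">Last name:</font>
                    </td>
                    <td>
                        <input name="LastName" id="LastName" size="30" value="<?php echo htmlspecialchars((string) $modifiedUser->LastName(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" type="text">
                    </td>
                </tr>
                <tr>
                    <td nowrap="nowrap" valign="top" width="10%">
                        <font size="-1">Email Address:</font>
                    </td>
                    <td>
                        <input name="Email" id="Email" size="30" value="<?php echo htmlspecialchars((string) $modifiedUser->Email(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" type="text">
                    </td>
                </tr>
                <tr>
                    <td nowrap="nowrap" valign="top" width="10%">
                        <font size="-1">Phone Number:</font>
                    </td>
                    <td>
                        <input name="Phone" id="Phone" size="30" value="<?php echo htmlspecialchars((string) $modifiedUser->Phone(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" type="text">
                    </td>
                </tr>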
                <tr>
                    <td nowrap="nowrap" valign="top" width="10%">
                        <font size="-1">User Level:</font>
                    </td>
                    <td>
                        <select name="UserLevel" id="UserLevel">
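                        <?php
                            // One <option> per entry of $userLevelList; the level currently held by
                            // $modifiedUser is pre-selected. The id and description are HTML-escaped
                            // before being written into the attribute and the label.
                            // NOTE(review): the posted UserLevel is client-controlled; the handler
                            // (not in this file) should accept only ids present in the level list
                            // and check that the caller may grant that level.
                            foreach ($userLevelList as $userLevel)
                            {
                                $levelId = htmlspecialchars((string) $userLevel->ID(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                                $levelLabel = htmlspecialchars((string) $userLevel->UserLevelDescription(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                                // Same loose comparison as before, so "3" and 3 still match.
                                $selectedAttr = ($userLevel->ID() == $modifiedUser->UserLevel()) ? ' selected=selected' : '';

                                echo '<option' . $selectedAttr . ' value="' . $levelId . '">' . $levelId . " - " . $levelLabel . "</option>";
                            }
                        ?>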
                        </select>
                        
                    </td>
                </tr>
            </table>

            <table>
                <tr>
                    <td colspan="1">&nbsp;</td>
                    <td style="" align="left" nowrap="nowrap">
                    <input name="save" id="save" value="Save" style="font-weight: bold;" type="submit">
                    <input name="cancel" id="cancel" value="Cancel" type="button" onclick="window.location.href ='manage_users.php'">
                    </td>
                </tr>
            </table>
            </form>
            <br />

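            <?php
                // Avatar upload form for $modifiedUser, posted to manage_users.php as
                // multipart/form-data. The username and the avatar file name are
                // HTML-escaped where they are written into attributes; the stray space
                // that used to follow the image URL inside src="..." is removed.
                // NOTE(review): the upload handler is not in this file. It should check
                // the file's type and size, choose the stored file name itself rather than
                // trusting the client-supplied one, and verify an anti-CSRF token (none is
                // visible in this form).
            ?>
            <form name="uploadAvatar" action="manage_users.php" method="POST" enctype="multipart/form-data">
                <input type="hidden" name="username" id="username" value="<?php echo htmlspecialchars((string) $modifiedUser->Username(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>"/>
            <h4 style="margin:0">Avatar</h4>
            <table width="100%" border="0" cellspacing="1" cellpadding="1">
                <tr>
                    <td><font size="-1">Current Avatar:</font></td>
                    <td><img src="<?php echo htmlspecialchars("../../content/avatar/" . $modifiedUser->AvatarImage(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" height='50px' width='50px' /></td>
                </tr>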
                <tr>
                    <td nowrap="nowrap" valign="top" width="10%">
                        <font size="-1"><label for="avatarFile">Change Avatar:</label></font>
                    </td>
                    <td>
                        <input type="file" name="avatarFile" id="avatarFile" />
                    </td>
                </tr>
            </table>

            <table>
                <tr>
                    <td colspan="1">&nbsp;</td>
                    <td style="" align="left" nowrap="nowrap">
                        <input type="submit" name="uploadAvatar" style="font-weight: bold;" id="uploadAvatar" value="Update Avatar"/>
                    </td>
                </tr>
            </table>
            </form>
            <br />
<?php          
        // Branch 3 (default): neither a create request nor a ?username= edit
        // request, so the "Create New User" button and the full user list are
        // rendered. This branch has no $_SESSION['userLevel'] test; access depends on
        // the checkLogin(3) call at the top of the page.
        } else {
?>
        <form name="newUser" id="newUser" action="manage_users.php" method="POST">
            <input type="submit" name="newUser" id="newUser" value="Create New User" />
        </form>
            
	<table class="displayTable" width="100%" border="1" cellspacing="1" cellpadding="1">
            <tr>
                <!--<td><strong>User ID</strong></td>-->
                <td><strong>Username</strong></td>
                <td><strong>First Name</strong></td>
                <td><strong>Last Name</strong></td>
                <td><strong>Email</strong></td>
                <td><strong>Phone</strong></td>
                <td><strong>User Level</strong></td>
                <td><strong>Delete</strong></td>
            </tr>
            
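            <?php
                // One table row per user returned by ns_dao_user::GetUsersList(): six
                // cells that link to the edit view, then a cell with a per-row delete form.
                // All profile values are HTML-escaped before output, and the username is
                // URL-encoded before it is placed in the query string, so a stored value
                // containing quotes, angle brackets, '&' or '#' can neither inject markup
                // nor break the link.
                // NOTE(review): assumes the page is served as UTF-8 and that the DAO returns
                // raw, not already HTML-encoded, values - confirm.
                // NOTE(review): the delete button is guarded only by a browser-side
                // confirm() and no anti-CSRF token is visible; the delete handler (not in
                // this file) should verify a per-session token and re-check the caller's
                // level. The ids "username" and "delete" repeat on every row; they are kept
                // as they were in case page scripts depend on them.
                $userList = ns_dao_user::GetUsersList();
                foreach ($userList as $user)
                {
                    $rawUsername = (string) $user->Username();
                    $usernameAttr = htmlspecialchars($rawUsername, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                    $editHref = htmlspecialchars('manage_users.php?username=' . rawurlencode($rawUsername), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

                    // Column order matches the header row: Username, First Name, Last Name,
                    // Email, Phone, User Level.
                    $cellValues = array(
                        $rawUsername,
                        $user->FirstName(),
                        $user->LastName(),
                        $user->Email(),
                        $user->Phone(),
                        $user->UserLevel(),
                    );

                    echo "<tr>";
                    foreach ($cellValues as $cellValue)
                    {
                        echo "<td>";
                            echo "<a href='" . $editHref . "'>" . htmlspecialchars((string) $cellValue, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</a>";
                        echo "</td>";
                    }
                        echo "<td>";
                            echo '<form name="deleteUser" action="manage_users.php" method="post">';
                            echo '<input type="hidden" name="username" id="username" value="' . $usernameAttr . '"/>';
                            echo '<input type="submit" name="delete" id="delete" value="Delete" onclick="return confirm(\'Are you sure?\');">';
                            echo "</form>";
                        echo "</td>";
                    echo "</tr>";
                }
            ?>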
	</table>
	<!-- Content Ends -->
<?php } // closes the default (user list) branch of the create / edit / list chain ?>
<?php CloseContentSection(); ?> 
<?php include('includes/footer.php');?>